Mitigating brute force attacks

Attack surface

No one is safe, particularly machines and when they are accessible from the Internet.
One of the worst thing to be controlled by an unwanted person, letting him adding backdoors, and other viruses to your ecosystem.

As an attacker, one of the potential way to gain the control of a machine would be to be able to steal the credential of an administrator.
The administrators password could be stolen by using brute force attack, trying every combinations until the good one is found.

Countermeasure

This kind of attacks can be easily mitigated: what if the attacker had to wait 10 minutes when he fails after five try?
Let see how a good fail2ban configuration can help here :-)